Disallow empty passwords in LDAP authentication, the same way

author Magnus Hagander <magnus@hagander.net>

Thu, 25 Jun 2009 11:30:10 +0000 (11:30 +0000)

committer Magnus Hagander <magnus@hagander.net>

Thu, 25 Jun 2009 11:30:10 +0000 (11:30 +0000)
author Magnus Hagander <magnus@hagander.net>
Thu, 25 Jun 2009 11:30:10 +0000 (11:30 +0000)
committer Magnus Hagander <magnus@hagander.net>
Thu, 25 Jun 2009 11:30:10 +0000 (11:30 +0000)
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c

index b1470715b54e0ce880a75f11af51c1036d3a6fa0..a02022636eade3a9501ee967e017745559608bf6 100644 (file)
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -8,7 +8,7 @@
   *
   *
   * IDENTIFICATION
- *       $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.146.2.1 2008/07/24 17:52:09 tgl Exp $
+ *       $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.146.2.2 2009/06/25 11:30:10 mha Exp $
   *
   *-------------------------------------------------------------------------
   */
@@ -788,6 +788,13 @@ CheckLDAPAuth(Port *port)
         if (passwd == NULL)
                 return STATUS_EOF;              /* client wouldn't send password */
  
+       if (strlen(passwd) == 0)
+       {
+               ereport(LOG,
+                               (errmsg("empty password returned by client")));
+               return STATUS_ERROR;
+       }
+
         ldap = ldap_init(server, ldapport);
         if (!ldap)
         {
author	Magnus Hagander <magnus@hagander.net>
	Thu, 25 Jun 2009 11:30:10 +0000 (11:30 +0000)
committer	Magnus Hagander <magnus@hagander.net>
	Thu, 25 Jun 2009 11:30:10 +0000 (11:30 +0000)